Important Advice on Surviving an Employee Data Breach

Loss of Sensitive Data

Second only to child identity theft, the sensitive nature of employee data is amongst the most damaging types of information that can be lost in a breach. Because of the unique records housed within the HR department, employee data breaches allow for the potential exposure of a wider range of information as opposed to a simple credit card number or user name/password.

Preparing for an employee data breach will take more than just increasing investment in IT security. It also means having a strong data breach response plan in place that incorporates considerations for the specific type of data that may be lost.

Recent large data breaches involving the loss of sensitive employee information are signaling a shift in the security landscape. Hackers are no longer focusing solely on credit card information and financial data to sell on the black market. Instead, cyber thieves driven by different goals are now targeting a wider variety of information, from password credentials and employment records, to potentially damaging email exchanges that could be used as blackmail or to damage brand reputation.

Preparing for incidents of this nature requires organizations to rethink the type of data we secure and what it means to prepare for a data breach. In today's world, businesses need to think broadly about fostering a security culture across the board, and know how to communicate effectively if an incident affecting more than customer data does occur.

Based on experience servicing some of the largest data breaches to date, Michael Bruemmer, vice president, Experian Data Breach Resolution, compiled five considerations organizations need to take into account in order to properly prepare for an employee data breach. First and foremost, it is important to keep in mind that employees are arguably an organization's biggest asset, and therefore require different considerations than other audiences potentially affected by a breach.

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ... More >>